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(57) Abstract 

In a method and a de- 
vice for partial encryption and 
progressive transmission of im- 
ages, a first section of the im- 
^ file is compressed at reduced 

™ality without decryption, and 
Hecond section of me .mage 
fi)e is encrypted. Use^ving 

access w appropnate decrypt* 
keywords can decrypt this sec- 
ond section. The first section 
together with the decrypted sec- 
ond section can then be viewed 
as a full quality image. The stor- 
age space required for stonngtte 
first and section together is 
sentiaUy the same as the stor- 
age space required for stonng 

o^u^crypted^^^ 
aee By using the method and 
ofvto as described herein B wr- 
ace and bandwidth requirements 
for partially encrypted images is 
reduced. Furthermore, object 
based composition and process- 
ing of encrypted objects are fa- 
cilitated, and ROIs can be en- 
crypted. Also, the shape of a ROI « 
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A METHOD AND A DEVICE FOR ENCRYPTION OP IMAGES 

r^TEL*- relates to a method an, a device for 
encrypting images. 

BACKGROUND OF THE INVENTION AND PRIOR ART 

BACKGROUND technical field which becomes 

Encryption of digital data information or 

important when transmitting and storing secret 
formation which only shall he available to a 

the information. Thus, several methods for ™^^ so 
d ata are in frequent use. Sue* methods can also he ^« 
to digital image data. Examples of encryption methods are ' 
triple DES and the public-key RSA method. 

beieco.nunic.txon network a ^ ^ su=h as a m . EOM . 

be distributed usrng a physical e 9 ^ ^ 

service providers need « ^ . t te suita ble to 

th eir business node!. C ™ ^ ^ £ull access to 
effer P-tial access ^one set ^ ^ ^ 



to all image data. 



« be offered for sale on the Internet. 
N ews P*otograp- . can e^g ^ ^ download a 

The service provider wan mialit v for evaluation, 

version of the image with reduced quality f ^ ^ 

i .hat want to publish an image, pay tor 
journals, that want t p 

are then allowed to download a tun q 

• „™idar wants to minimize storage space 
However, such a service provider « alt ernatively 
^ download bit rates. An image P™^* „ given 

„ t to distribute images on e ^ ^ ^ ^ ^ ^ a 

away or sold for a low price. Cu ^ ^ ^ full 

red uced quality but they^ t pay^ ^ ^ ^ gtorage 

quality. In the case as poSsib i e . 

space on the CD-ROM as efficiently 
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» is also essentia! that customers always can access 
«i user friendly, stand«dised software. Image providers are 
reluctant to design and support special image viewers and 
customers don't want a proliferation of viewing tools. 

Presently, image providers have to store two versions of the 
i^ges stored. The full duality version is stored as an 
encrypted image file. This means that the image first is 
jessed and stored in a compressed file format such as OPEG 
or GIF. The compressed file is then encrypted using a suitable 
encryption tool and an encrypted image file is stored The user 
„ust first decrypt this file and then access the resulting 
compressed image file using an image viewing tool. Reduced 
quality images are produced by processing the full quality 
!L 9 es in an i^age editing program. They are stored as separate 
compressed image files. 

Tfce problems with this solution are that at least two 

The probl ^ be storedi mfl that boCh 

Ver " ^rtlsHe transmitted over the network in case of 
versions must also be ftat ^ to see the free 

remote access in the case a resolution 
low resolution image before paying for the full 

version. 

in a significant disadvantage if the reduced 
This results in a signit io „ o£ tbe image 

version image contains^ ^ « ^ ^ ^ journals wouia 
information. Images that are ° gM d quality 

in particular * .provided fo previe o£ 
siace journal editors wan c £or 

cb e image content and accepts y ^ ^ ^ che 

orinting. The reduced quality imas 
storage space of the full quality image. 

which is descrio includes many new 

verification Model version 2.0, ^ image codilig 

£uD ctionalities iD ^^^icular, methods for creating a 
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can select a suitable progression .node. Individual objects 
wrcbln i»ges can be accessed separately in the JPEG 2000 
bitstreaTLd progressive transmission can be applied also o 
ejects, in 2 000 tbere is also support for independently 

decodable coding units. 

SUMMARY „ . . 

It is an object of the present invention to overcome the 
problems as outlined above and in particular to reduce the 
^unt of memory retired for storing an fcnage, which partly 
shall be possible to view, and also to reduce transmission ta- 
in a transmission scheme transmitting partially encrypted 
images- 

This object and otbers are obtained by a technique 

encryption end progressive transmission of rmages 

Action of the image file can be decompressed at reduced gualrty 

without decryption, i.e. the first low quality « 5 e not 

encrypted, and where a second section of the «age fxle rs 

encrypted . 

Th us. users having access = to ^^^^ - 
de crypt this second section^ The J ^ ^ ^ 

decrypted second section can then ^ 
ina9 e. The storage t h -Ts the storage space 

.action together „ "™^ ted £ull ^lity image. The 
required - --ng -e _ ^ 

encryptxon of the sec o£ ^ secQnd 

T be image can also be ^l^tiT" 
each section may be encrypted wxt encrypted, 
method and Keyword. Some ^ce as described 

herein is that the comp makes xfc 

^STTp^r^rr-i. - compressed 

poss M entropy decoding, 

domain without performing entropy 
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» reduced quality image can be produced according to several 
different main schemes, such as: 

1) Reduced resolution 

2) Reduced accuracy =£ the transform coeffidents 

3, Exclusion of predefined regions of interest (ROD 

ra ese methods can be combined so that a reduced quality image is 
Tg produced by reducing both the resolution and the accuracy 
of the transform coefficients. 

By using the method and device for storing and transmitting 

data as described herein, several advantages are obtained, 
■mus there is no need to store two different versrons of an 
£1 if different users are to have access to different quality 
rtne one and same image. Also, transmission times become much 
lower if the information content of the first, low -solution 

oata can be reused when transmitting the higher resolution 

image data- 

BRIEF DESCRXPTICH « , « J««n-. ^ ^ ^ ^ 

The nresent invention will now ..„>,. 
"ith reference to the accompanying drawings, rn which. 

„f t-he file structure of an image. 
. Pig. 1 is a general view of the file s aocording to 

. Figs. 2a and 2b shows encryption of images cod 

Che Fi H Is 0 ! Tll-rt illustrating some steps carried out 
""Tstdirgrrilnstrating a client server process. 
- Fig'. 5 is a view of an encryption header 

DETAILED DESCRIPTION struc ture of an original, 

in Fig. 1, a general view of the file ^ 

high resolution, ^ decodable coding 

consists of a number o di fferent P ^ shoun in Fig . 

sections 101, 103 and 10*. In the verslon o£ . ^ 

t . the section 10! which - a^ c ^ ^ ch£re£ore 

resolution image, is coa 

b e possible to decode by any receiver. 
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Tbe section 103. which comprises tot,, which coined with the 
The section l. resolution version of 

data of section 101, resiui j- f<rst encryption 

the high resolution i»age, is encrypted using a first encryp 
lethoo and oniy receivers having access to the correct 
lotion Key will he ahle to decode the data stored in the 
section 103 . 

ri*i-* which combined with the 
m . CDrHon io5, which comprises data, wmcn 

Z> of section 101 and 103 results in a full resolution version 
or the high resolution image, is encrypted usin g a second 
encryption method, and only receivers having access to the 
encryption Key will he ahle to decode the data stored in the 
section 105. 

Th us. decoding of the section ^ o£ the 

resoiution ^ version > °- ^ tron the section 

section 103 »;^ n ^ d so ^ tion image m . oecryption 113 and 
!01 result in a medium combln ed with the image data 

STS ISLrSr.^ resuit in a full resolution image 



115. 



^ermore. ^mentation in 

«■ - Ch tro S "h'coILg unit of the «. 

Model version 2.0, ** sc biC stream so that a wrde 

20 00 bitstream can he inserted 
range of progressive modes can be PP 

, . a coding unit is a part of 
In «, 2000 verification model 2 a ^ ^ ^ ^ 

tb. bitstream that encodes aspeci ^ ^ ^ 

suhband. in general, a coding ~ in£orln ation. The general 

^ependentiy decodabie ^f^.^ is to include so 
mechanism for specifying > ^ coding unit (it is 
called tags that specifies lane or der is 

sufficient to specify the sobhan in the hea der that 

ta own, . several specific modes can ^ ^ ^ 

defines a default coding um orde th 

are needed for inserting explicit tags. 
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In Figs 2a and 2b block diagrams describing how encryption can 
be implemented in tbe JPEG 2000 encoder and decoder 
respectively, are shown. 

Thuo in Fig 2a a block diagram where encryption is performed 
after ntropy coding in the encoder is shown, coding units enter 
^ entropy coding bloc, 201. In the bloc* 201 ceding the codrng 
"its are entropy coded using some suitable entropy 
output from the block 201 is fed to a selector whrch selects a 
^ Lie encryption method for each entropy coded coding unrt. 
some coding units can be selected to not be encrypted at all. 

in response to the selection made in the selector 203 the 
entropy coded coding units are encrypted in a block 205. The 
"crated coding units together with the not encrypted coding 
™then form a combined output data stream, which can be 
stored or transmitted. 

In Fig 2b a decoder for decoding the bit stream generated by 

-J, in Fio 2a is shown. Thus, first encrypted and not 
^rrcodLg uni« enter the decoder via a selector 231, 
^cTseteetl a suitable decryption method for each entropy 
whrch selects r( . ce ived coding unit is not 

coded coding unit, or if tne re 
encrypted it is directly transmitted to a block 

X, response to the selection made in the ^^'^ . 
entropy coded coding units are ^ ^ are 

stable ^iZTZ Tn^o^ the coding units 
then fed to the block 255. In the dec ryption 

from fed directly from tbe selector 251 and ^ 
bl ock 252 are entropy decode i and comb ne d t o ^ ^ ^ 

output data stream corresponding to the d 
to the entropy coding block 201 in Fig. 2a. 

■ fke transmission scheme as shown in the 
E ach coding unit - the independen tly encrypted block. 

Fl gs. 2a and 2b is handled - separa tely with any user 

Each coding unit can also in che sa me image 

rTJ^^S^ encryption methods. The 
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encrypt method used can further be a. encr yption algorithm 
c^ILd with a teyword or a method for generate Keywords. 

Different encryption methods can in such an embodiment have 
^tical algorithm hut different ^ 2 ^ZZ ^ 
rv^criotion (EMD) as shown in Figs. 2a and 2b is any gioo 
" h as session Keywords or algorithm identifiers --seeded 
Z specify the Encryption Method. Dnit Encryption State (0ES1 is 
a sy^ol that for each coding unit defines how it is encrypted. 

In Fla 3 a flow chart illustrating different steps carried out 
Encrypting an image are shown. Eirst. 

imaoe to be partially encrypted is received. The mage receive 
rftep 301 is then coded using a coding algorithm grating 
independently decodable coding units, e.g. JEBG 2000. in a step 



303 . 



• 305 some of the coding units of the image ooded 

Next, in a step 305, some o encryption method, 

ta step 303 are encrypted ^J^J^ ^encrypted 
SU ch as r>ES The ^ ^^es. Tta s. a user can 

can be set m ~^ reBpo Ling to ROIs. higher order 

chose to have coding units «« P coding units 

bit -planes a /^encrypted are merged into a 
and the coding units wnico a 
single bit stream. 

In Pig. 4. a flow chart U3^J^"~JST« 
„ h en transmitting an ^ Thus, a client 

cescribed in rve 403 The client 401 can then issue 

401 is connected to a serv ^ parC icular image, step 

a request towards the server 



405 



™»lies by transmitting the coding units of the 
The server 403 replies by ^ ^ encrypte d 

image which are not encrypted^ p ^ ^ ^ have 

coding units can be decoded oy f ull 1B age . 

access to a low -solution vers on^ or a^ pa ^ ^ ^ „ 

Bas ed on this /-rtion I: -full image. If so the 

the image in a higner 
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client transmits a request to the server requesting such 
information, step 409. 

The server replies by sending a request to the client requesting 
the client to agree to the conditions for transmitting the 
higher resolution version of the image, step 411. If the client 
agrees via a message 413, e.g. comprising a card number or 
account number from which to bill the cost for the image the 
server sends the encrypted coding units together with a key word 
by means of which the encrypted coding units can be decrypted, 
step 415 A secure method for key distribution should be used. 
Examples of such secure methods are described in W. Stalling 
"Data and computer Communications", p 635 -637, Prentice-Hall 
1997 fifth edition ISBN 0-13-571274-2. 

If the client already has access to the unencrypted and 
encrypted coding units, for example if he has purchased a CD-ROM 
"^images coded as described herein. The scheme as descried 
in conjunction can be modified so that no image data is 
tra nsmitted. Instead the client ^^^^^J? 
the server in order to have access to the key worai 
reared to decrypt the encrypted coding units of the CB-HC, 

In the case when the method a* I device as described herein is 
used when encoding £ no t standardise 

is a*™"* ^ ZZyv^n Header that is inciuded in the 
encryption methods » En ryp n ^ „ erged „ itn 

image header or optionally an ryp roe cify how coding 

the JTEG 2000 Tags can instead be need to specrty 

units are decrypted. 

In such an embodiment the .PEG 2000 image header contains an 
in such . f ^ cQding ^ 1S 

Encryption Flag (EP) - then be app ended to 

encrypted. An Encryption Header (EH) shorn 

encrypuc d encr yption information can 

the JPEG 2000 image header ana encryy 

optionally be merged into JPEG 2000 Tags. 

xn Pie- 5 an encryption header is shown. The Encryption Header 
I in such an embedment contain the follows symbols. 
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!, Encryption Mode (EM) . A set of standard encryption modes are 
defined e.g. 

a) One encryption method is used for all coding units 

b) Bitplanes of less significance than bitplane X are encrypted 

c) Subbands of higher resolution than Y are encrypted 

d) ROIs specified in are encrypted, etc. 

No encryption information need to included in the Tags an EM 
is defined. 

2) Encryption Mode Parameters (BMP). Parameters (X, Y, ...) that 
are used to define the Encryption Mode are set here. 

3) Number of encryption methods used. Several encryption methods 
can be used within the same image if e.g. different user groups 
should be allowed to see different image content. 

4) One Encryption Method Descriptor (HMD) for each encryption 

encryption/decrypt^ ^ . ^ & ^ 

is defined. A typical use or w supplies a 

that is encrypted by a public key algorithm^* user PP 
• v»„ for decrypting the enclosed encrypted key. Tne 
private key for cecryp g ion algorit hm to decrypt 

eecrypted key is used^ by a ^J[£» allocates an number to 

i^e coding units .r» ^ used in des symbols. 

each encryption method. This nunu> 

„ „h™ state (DES) symbol per coding unit. These 
gmt Encryption state ( y»o ^ encryption header or 

symbols could either be co bitstream a s encryption 

alternatively be distributed in the b tion header we 

tags. If the UBS information is kept » the encryp ^ ^ 

define a header element - Encryption State ES, ^ ^ 

a series of DES symbols that are listed in the 
coding units appears in the bit stream. 

If EE is set and the Encryption State is not given in the 
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* ^ pnpfficients belonging to a ROI can be handled as 
T " Td Z,7 - completely or partially encrypted 

described above. They c belonging to the ROI for 

by selecting appropriate coamy 

encryption. 

i-hP shaoe of the ROI might reveal the 

t o sho« a reduced ^lity 1— since it is difficult to 
interpret the coded transform coefficients. 

™ n be solved by defining a so called cloaking 
This problem can bejolv y ^ ^ ^ ^ are 

shape (c-shape) . Thus, th ^ designe(J to 

— . > — - - - 

shape is a bounding box. 

Tir\T t-he JPEG 2000 bit 

x c-shape is es described in 

stream. The c-shape x coded wrt veti£ication Mode l 

Charilaos chrrstopoulos (edj bribed therein 

r=r jrr~ :: ^ 1 — in the " EG 2000 



header. 



c-shape and the transform 
* masK is created usmg the c sK* ^ ^ 

coefficients belongrng to the P ^ that 

usi ng the method as described herern. T ^ 

all coefficients belongrng to any of ^ ^ ^ 

by the c-shape are encrypted. The text 

protected by encryption. 

Th e Shape of the ^^jZ^ZZ^ «~ 
encryption header. The encr ^ correS ponding c-shape. 



The decoder can 

SUBSTITUTE SHEET (RULE 26) 



PCT/SE99/02106 

WO 00/31964 

he disTjla yed as a blank region. The original ROIs can 
shape can be This is done by decrypting 

It^S. to - .shape. The shape o* 

b onging to the c-shape is also decrypted. The b.tstream can 

w b! rearranged so that the c-shape is dropped and the 
^llToxTta structures are restored. Note that this x. 
done in the compressed domaan. 

The mas* M is used for encoding a ROI is not 

<„ jpeg 2000 A mask that is sufficiently large so that 

" eTooea lossless will often cover the whole lower subbands A 

H that is not allowed to expand will lead to a lossy encode 

" the ROI. The .asks belonging to different ROIs or to a ROI 

and the background can he designed to overlap. This means that 

4a nr= are encoded in more than one ROI. Sucn 
some coeffxcxents are enco compression but the ROIs 

overlap will lead to a reauc acce ssed and decoded 

are more independent so that any ROI can be accessed 

with a good visual result. 

^ a e^r pots described herein is not 
rne partial encryption -"^J^^ che mask is selected 
aependent of the -^^^Hannlt ^reconstructed fro, the 
so that the *° tmdkgami . A method for huilding a 

content of any other ROI or b g descri bed in charilaos 

^r^. » verification M odel Version ,0. 

By .sing the method and ^^£72^ - 
ba ndwidth ^^Si. and processing of 
reduced. Furthermore, object has encrypted. 

r^Ia - restored in the compressed domain. 

• t->«>t encryption does not need to be 
another advantage is that en ryp ^ 3in=e 

performed at the same time ^' 9 domain (at the 

ch e process takes place n the^c mp ^ ^ ^ ^ 
hitstream syntax) it P £oo , e d just before 

encryption. The s^" 0 *^/ , cran s CO der, . In this case, 
transmitting the image by a parser 
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wtrate which will be the case 

" the «- - 

transmitting it. 



SUBSTITUTE SHEET (RULE 26) 



WO 00/31964 



13 



PC17SE99/02106 



CLAIMS 

!. A method of partially encrypting image data comprising too 

feeding' the image data using an encoding algorithm generating 
independently decodable coding unite, 

i. ac +- one of the coding units, and 

1 r^To^g rr -cn are not encrypted with coding units 
which are encrypted into a combined bitstream. 

2 * De th=d eccording to claim 1, characterised in that the not 
encrypted coding units correspond to a low resolution version of 
the image data. 

3. A method according to any of claims 1-2, characterized in 
Lt different codimg units are encrypted using different coding 
methods . 

4 a method according to any of claims 1-3, ^"^"{J* 

^ion flag which indicates if a coding unit is 
that an encryption £iag, W " J - V -" 
encrypted, is inserted in the bit stream. 

^ i ^iwc -i - a when information 
5 . A method according . .any of^l 

S£S S thrt the shape of the region of interest is 
enclosed in a cloaking shape. 

.. R d evice for partial encryption of image data characterised 

-loans for coding -J^^^"^ 
^rrjTK means for encrypting at least 

one of the coding units, and encryP ted with 

; — uirtsTr r=::. e S . — «~- 

. «. ckaractexised by means for 

7 . A device — f^*^ codi ; g m «s as units corresponding 
„ Dl pctinq the not encryp^eu ^ 

: ^resolution version of the image data. 
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3 . * aevice according to any of claims 6-7, "»«"~^ ** 
LL for-encryptin, coding units usxng afferent 

•coding methods. 

, x device accord^ to any of claims 6-8, characterised by 

t or inserts an encryption flag, which coatee if a 
ooding unit is encrypted, in the bit stream. 

^i a fm= 6 - 9, characterised by 
io A device according to any of clauas 6 9, 
^ Z enclosing a region of interest snaps in a eloaXm, 
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